-
Notifications
You must be signed in to change notification settings - Fork 15.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Node JS upgrade #13329
Comments
@Anuj16 Upgrading node is not an incredibly simple task but I'll look at backporting the fixes for those two CVE's. As far as I can see The other one requires a backport of nodejs/node#17526 |
Update 8.9.3 includes the fix for |
Closing this out as both CVE's are reported as fixed in 8.9.3 which we currently depend on: |
@MarshallOfSound Thanks very much for the quick clarification. |
@Anuj16 No problem, also for future reference even though this particular issue is on the line of public knowledge can all future security related things go to security@electronjs.org 👍 |
Hi All,
There are two vulnerabilities in Node version that electron is using right now (8.9.3). (here).
Do we have any plan to go to latest version of Node? If yes then any tentative dates for the same?
The text was updated successfully, but these errors were encountered: